Proxy Browser with JavaScript

CVE-2014-8636 Firefox Proxy Prototype Privileged Javascript

October 27, 2018 – 11:14 am

This exploit gains remote code execution on Firefox 31-34 by abusing a bug in the XPConnect component and gaining a reference to the privileged chrome:// window. This exploit requires the user to click anywhere on the page to trigger the vulnerability.